Brand x, y & z

Have posted here a while back re perhaps having to eventually move from current Sygate f'wall to, likely, Agnitum's Outpost Pro or ZA Pro. In last post, I said I rather liked Sygate's style, in that I don't have to babysit it much or be overwhelmed with choices.

I > want a strong sense of security < from an f'wall obviously, but don't want a headache from too many choices and end up constantly having to click yes or no or maybe...

Perhaps it's a matter of my worrying about an f'wall with too many choices, & as you well know, a misconfigured anything could easily lull one into thinking that the bases are covered (when in fact, they may not be).

BUT... having said that, can I again get general opinions from users of the two above apps with preferably most current versions - and tell me if you'd buy it again if you had to start over?

It seems that Outpost included its Tauscan app in its Pro f'wall (and I have been using trial ver. of Tauscan, recently). Both they and ZA and most f'walls come to think of it, have seemingly thrown in an approach to "anti-everything" and have also gone to yrly. fee/charge and til now, I wouldn't have thought an f'wall needed updates - but I guess that is because the web is now the current wild, wild west (or so it would seem).

Input is appreciated, as always, and again this is to seek your thoughts on the matter and by no means an invite to "who's best" flame war.

Many thanks, for opinions, SG1 (Pat)
===========================
Both Agnitum and ZA currently have "deals" for we Kerio or Sygate users, so I'm thinking I should buy new f'wall when the deals are on, so I can have new f'wall in reserve if my current Sygate product falls over dead, (when Symantec aka bloatware international kicks Sygate f'wall off the playing field).

While Zone Labs may appear to be going for a anti-"everything", they are still committed to having different types of products to suit different people's needs. So you have a choice of what you want and what you don't want. Here is what the different ZA software contains:

Sygate will be good for at least a couple of years. I have a license for Sygate Pro, as well as LnS, ZAPro, and now Outpost. I swap from one to the other when the mood strikes me.

I like Sygate Pro and its stealth feature that allows you to click a box and hide browser and OS information and will keep Sygate until it's old and grey.

I'm no firewall expert, but of the 4, I think the latest pay version of ZA might offer the best defense but, as I said, I'm no expert. Outpost's antispyware seems to do a better job than ZA. Also, I read somewhere that Outpost's firewall engine is a couple of generations out of date. I don't know if that's true or not.

I'd like to see ZA offer the pay version of their firewall without the antispyware, for a few bucks less than Pro. That would fill the gap between free and Pro and offer the added features that free is missing.

SG1 .
Sygate was a poor firewall . Has been for a very long time . As for choosing between ZAP and OP , the question is , do you want to feel a sense of security OR do you want security ? There is no question which of the two is stronger . Both will provide security for MOST home users . OP is more secure . ZAP is easier to understand . OP is not difficult by any means . ZAP is simple but not as secure as OP . Either will give you better security than you had with Sygate . Both will provide a " sense " of security . Only one will actually give you all you will ever need at this time . As for yearly fees . OP charges for upgrades after your licence expires . So . If your OP license expires , wait until the next big release before renewing .

I have to disagree with hollywoodpc there. Outpost is not more secure than ZAP at all, in fact, I think the opposite is true. ZAP has quite a bit more protection than Outpost. The only real thing Outpost has going for it is a nice pretty interface for rule making. ZAP still allows you to make rules however it's a little more awkward. But then ZAP has more overall protection.

Sygate was a good firewall, just had the proxy issue as it's biggest problem. But if you don't run proxy software of any kind, then it's still fine. Actually Sygate has more features and protection than Outpost too. So either one would be better.

I have to disagree with hollywoodpc there. Outpost is not more secure than ZAP at all, in fact, I think the opposite is true. ZAP has quite a bit more protection than Outpost. The only real thing Outpost has going for it is a nice pretty interface for rule making. ZAP still allows you to make rules however it's a little more awkward. But then ZAP has more overall protection.

Sygate was a good firewall, just had the proxy issue as it's biggest problem. But if you don't run proxy software of any kind, then it's still fine. Actually Sygate has more features and protection than Outpost too. So either one would be better.

Good . I am glad there are differing opinions here . However , do some homework . To say ZAP is more secure is false . If you like ZAP , use it . Be happy with it . Do not say it is more secure because it is not . I need not reveal my expertise nor do you but , do your homework and understand firewalls .
Again . I am happy to see that people have opinions . Mine was not . People in this forum love to claim one is better than the other because it is their product . Not me . I know what works and what does not . For the most part , I can see which are close and which are not . Can ZAP be bypassed ? Yes . Can OP ? Yes . All software firewalls can be . Features aside , OP is more secure . This is why I left ZAP to start with . With Version 6 , stronger yes but , not more secure than OP . I need not comment on this further . I tried to help this person out with fact . As usual though , there will be confusion as some choose to argue facts .
As stated before , GOOD LUCK with the decision . It is going to be a tough one . Either way though , for normal household use , you will be fine .
I am thinking that Kerodo MIGHT be saying ZAP has more protection features . If so , it still makes no difference . It is simply not as secure as OP regardless of what features it has .

There is no point in arguing about it hollywood.. I believe it was you who first said that Outpost is more secure than ZAP. It is not. That is simply your opinion. I offered my opinion as well. So there you have it..

Actually, most of today's firewalls are secure against known memory injection techniques, but the real risk is the unknown method, it has no way of protecting itself, the only way is by incorporating a good anti hook, so far only McAfee is showing that promise.

Features aside , OP is more secure . This is why I left ZAP to start with . With Version 6 , stronger yes but , not more secure than OP . I need not comment on this further . I tried to help this person out with fact .

Click to expand...

And may I know where you got the fact that OP is more secure than ZA? A technical detailed study would be much appreciated. As to my knowledge, I haven't read anything about OP being more secure than ZA.

Actually, most of today's firewalls are secure against known memory injection techniques, but the real risk is the unknown method, it has no way of protecting itself, the only way is by incorporating a good anti hook, so far only McAfee is showing that promise.

Click to expand...

This is simply not true the popular firewalls like za, sygate, and outpost all fail to prevent revese connections using well known process memory injection techniques. I have tested these firewall's against malware using this method not "leak tests", defeating these firewalls everytime with ease, whilst some will prompt and warn of the memory injection none of them are able to prevent the reverse connection

Well, there are apparently ways to bypass all of the personal firewalls (according to what some say), so in that case all we can do is provide the best protection possible and hope the worst doesn't happen. Some will argue that all personal firewalls are snake oil and a complete waste of our time. I prefer to run one, hoping that it will protect me against 99.9% of the threats. In my opinion, some protection is much better than none. And of course safe habits and practices is the best protection of all..

Try your tests against a properly set up McAfee Enterprise version 8 and see if you suceed.

Click to expand...

i will get to mcafee in time but as hardly anyone uses mcafee compared to the other 3 firewalls i have tested and previous bad experances with mcafee put me off does mcafee firewall use active x like there nasty security center and spyware products?

tell me have you tested mcafee yourself against reverse conection process injection? or are you recomending mcafee as a strong firewall?

I've been using Outpost for about 4 1/2 years. It replaced AtGuard. I purchased it prior to the RC-1 release and have the lifers key. I considered my purchase as a charitable contribution at the time. Whos' lifetime are we talkin' about anyway? I would purchase it again but would be very selective about purchasing support/updates. I'm a user, not an enthusiast.

I first became aware of the need for a firewall in my anonymous FTP dayz (circa'97), and tried many of the early versions of Atguard, Conseal, Sygate, BlackIce, Zone Alarm, usw. I've tried Tiny/Kerio as well. I have not tried ZA in over five years. P2P has replaced anon FTP and a good firewall is even more essential.

I like Outpost and believe ( a conviction un-supported in fact) that the current version is stable and functions to my expectations. I'm concerned about the usefulness of the anti-spyware plugin. I would like to think that along with the firewall engine doing its part, careful control over what Outpost calls "Active Content" and the practice of safe hex along with an anti-virus scanner would preclude the need for anti-spyware. Just goes to show what I don't know.

I'm also a bit concerned by this blurb in the Agnitum newsletter received today:

"Improved Feedback Loop

The new ImproveNet will enable Agnitum developers to collect and review users’ application Internet access configurations and program usage statistics, including information that explicitly identifies an application by its unique parameters, such as checksum and version data. This data in turn enables the developers to expand the existing database of known applications and make more automatic access rules available to users."

While this may benefit some, I'm not sure I like the idea of this kind of info being collected and if they can collect this kind of info what else can they collect and what kind of market might be interested in it?

I'll throw my two-cents' worth into the ring and say that as a former Sygate Pro user, I tested several firewalls and have settled upon and purchased Danware's NetOp Desktop Firewall 3.0. It loads at driver level. There is a free, 30-day, fully-functional trial version available at http://www.crossteccorp.com/ if you are interested. Hope this is helpful to someone. CHUCK

I'll throw my two-cents' worth into the ring and say that as a former Sygate Pro user, I tested several firewalls and have settled upon and purchased Danware's NetOp Desktop Firewall 3.0. It loads at driver level. There is a free, 30-day, fully-functional trial version available at http://www.crossteccorp.com/ if you are interested. Hope this is helpful to someone. CHUCK

Click to expand...

this looks very interseting im gonna give it a try just tested mcafee and kerio both detect nothing and allow process memory injection so i hope this is better